ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-710 All Questions

View all questions & answers for the 300-710 exam
Go to Exam

Exam 300-710 topic 1 question 274 discussion

Actual exam question from Cisco's 300-710
Question #: 274
Topic #: 1
[All 300-710 Questions]

A network administrator is configuring a BVI interface on a routed FTD. The administrator wants to isolate traffic on the interfaces connected to the bridge group and not have the FTD route this traffic using the routing table. What must be configured?

  • A. A new VRF must be created for the BVI interface
  • B. An IP address must be configured on the BVI
  • C. IP routing must be removed from the physical interfaces connected to the BVI
  • D. The BVI interface must be configured for transparent mode
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by KISRUVEM at Jan. 15, 2024, 9:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tinyJoe
2 weeks, 1 day ago
Selected Answer: A
It's very difficut to choose, I would choose A. As for D, this FTD is already in Routed mode. I don't think changing it to Transparent is the best solution, since I assume it is already connected to multiple IP subnets. As for B, the configuration to IP addresses to the BVI is mandatory regardless of whether or not there is separation from routing. As for C, I don't understand what you mean by “IP routing must be removed”. Supplementary, the best solution is “not assigning a name to the BVI interface”. I don't understand why this is not an option. https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/760/management-center-device-config -76/device-ops-tfw.html?bookSearch=true#:~:text=not%20assigning%20a%20name
upvoted 2 times
...
flejd
1 month, 2 weeks ago
Selected Answer: B
Routed mode and bvi with IP address = traffic is allowed only between member interfaces ( L2 ). Routed mode and bvi with IP an NAMEIF = traffic is allowed only between member interfaces as well as routed interfaces. Nameif is enabling the routing from BVI to other L3 interfaces
upvoted 2 times
...
Stevens0103
11 months ago
Selected Answer: A
"How to Manage Overlapping Segments in Routed Firewall Mode with BVI Interfaces" In the following example, BVI-G is configured in VRG and Bridge Group 1 is the routed interface for interfaces G0/1 and G0/2. Similarly, BVI-B is configured in VRB and Bridge Group 2 is the routed interface for interfaces G0/3 and G0/4. Consider that both BVIs have the same IP subnet address, say 10.10.10.5/24. Because of virtual routers, the network is isolated on the shared resources. https://www.cisco.com/c/dam/en/us/td/i/400001-500000/440001-450000/442001-443000/442782.jpg https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/virtual-routing-for-firepower-threat-defense.html
upvoted 2 times
Stevens0103
11 months ago
Option D is off topic.
upvoted 2 times
...
...
Dash_888
1 year ago
Selected Answer: D
I believe D is the correct answer given the below https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/fpmc-config-guide-v61_chapter_01110000.html#ID-2106-00000036 Bridge Groups in Transparent Firewall Mode Bridge group traffic is isolated from other bridge groups; traffic is not routed to another bridge group within the Firepower Threat Defense device, and traffic must exit the Firepower Threat Defense device before it is routed by an external router back to another bridge group in the Firepower Threat Defense device.
upvoted 2 times
teenytiny
6 months, 1 week ago
To complete my thought below, I agree with Dash_888 because VRFs use the routing table. Question specifies, "and not have the FTD route traffic using the routing table"
upvoted 1 times
...
teenytiny
6 months, 1 week ago
Questions specifies, "and not have the FTD route this traffic"
upvoted 1 times
...
...
KISRUVEM
1 year ago
Selected Answer: A
I’m thinking A. Creating a VRF with just the BVI would effectively isolate it from routing.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago